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Claims 



We claim: 

1 . .A method for managing security on a business application management 
platform implemented on a computer, comprising the steps of: 

partitioning a plurality of business objects into a plurality of hierarchical 
domains; and 

creating a security list configured to grant a member the right to perform a 
security operation on said business object located in said hierarchical domain, 
comprising the steps of: 

adding said security operation to said security list; 

applying said security operation to one of said plurality of domains; and 

adding said member to said security list. 

2. The method of Claim 1, wherein said partitioned business objects are 
grouped together in specific categories and/or classes. 

3. The method of Claim 1, wherein the right to perform said security 
operation is shared by more than one member. 

4. The method of Claim 2, wherein said security operation is performed on 
said category or class of business objects. 

5. The method of Claim 1, wherein said security operation is assigned based 
on a customizable partitioning of said business objects into said plurality of 
hierarchical domains. 

6. The method of Claim 1, wherein said security operation is predefined to 
apply to all of said business objects located in said plurality of hierarchical 
domains. 
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7. The method of Claim 1, wherein said security operation represents a group 
of one or more security operations 

8. The method of Claim 1 , wherein said category of business objects defines 
additional security operations that can be performed on said business objects 
within said category of business objects. 

9. The method of Claim 1 , wherein said domains are partitioned based on 
geography, divisions, and/or business function. 

10. The method of Claim 1, wherein said security list is a global security list 
configured to apply across said plurality of hierarchical domains. 

1 1 . The method of Claim 1, wherein said member is an individual user, 
associated with a generic role, and/or associated with an automated process. 

12. A computer security management system for managing security on a 
business 

application management platform, comprising: 

a partitioning mechanism configured to partition a plurality of business objects 
into a plurality of hierarchical domains; 

a security list mechanism configured to create a security list, said security list 
comprising: 

a security operation, wherein said security operation is applied to one of 
said plurality of domains; and 

a member, wherein said security list grants said member the right to 
perform said security operation in one of said hierarchical domains. 

13. The system of Claim 12, wherein said partitioned business objects are 
grouped together in specific categories or classes. 
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14. The system of Claim 12, wherein the right to perform said security 
operation is shared by more than one member. 

15. The system of Claim 13, wherein said security operation is performed on 
said category or class of business objects. 

16. The system of Claim 12, wherein said security operation is assigned based 
on a customizable partitioning of said business objects into said plurality of 
hierarchical domains. 

1 7. The system of Claim 12, wherein said security operation is predefined to 
apply to all of said business objects located in said plurality of hierarchical 
domains. 

1 8. The system of Claim 12, wherein said security operation represents a 
group of one or more security operations 

19. The system of Claim 12, wherein said category of business objects defines 
additional security operations that can be performed on the business objects 
within said category of business objects. 

20. The system of Claim 12, wherein said domains are partitioned based on 
geography, divisions, and/or business function. 

21 . The system of Claim 12, wherein said security list is a global security list 
and is configured to apply across said plurality of hierarchical domains. 

22. The system of Claim 12, wherein said member is an individual user, 
associated with a generic role, and/or associated with an automated process. 
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23. A computer-readable storage medium containing computer executable 
code for implementing a security management system for managing security on a 
business application management platform by instructing a computer to operate as 
follows: 

partition a plurality of business objects into a plurality of hierarchical 
domains; 

create a security list by further instructing the computer to operate as follows: 
add a security operation to said security list; 
apply said security list to one of said plurality of domains; and 
add said member to said security list, wherein said security list is 

configured to grant a member the right to perform said security operation in one 

of said hierarchical domains 

24. The computer-readable storage medium of Claim 23, wherein said 
partitioned business objects are grouped together in specific categories or classes. 

25. The computer-readable storage medium of Claim 23, wherein the right to 
perform said security operation is shared by more than one member. 

26. The computer-readable storage medium of Claim 24, wherein said security 
operation is performed on said category or class of business objects. 

27. The computer-readable storage medium of Claim 23, wherein said security 
operation is assigned based on a customizable partitioning of said business objects 
into said plurality of hierarchical domains. 

28. The computer-readable storage medium of Claim 23, wherein said security 
operation is predefined to apply to all of said business objects located in each 
domain. 
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29. The computer-readable storage medium of Claim 23, wherein said security 
operation represents a group of one or more security operations 

30. The computer-readable storage medium of Claim 23, wherein said 
category of business objects defines additional security operations that can be 
performed on the business objects within said category of business objects. 

31 . The computer-readable storage medium of Claim 23, wherein said 
domains are partitioned based on geography, divisions, and/or business function. 

32. The computer- readable storage medium of Claim 23, wherein said security 
list is a global security list and is configured to apply across said plurality of 
hierarchical domains. 
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